TUI Group • Flexible

Security Operations Analyst

Employment type:  Full time


A little flex time

Apply now

Job Description

As a Security Operations Analyst within our Information Security Team, you will perform a crucial role in designing, building, and maintaining our detection and response capabilities.

TUI is focussed on accelerating the development of digital capabilities across the entire holiday lifecycle to delight our customers. At the same time, everyone working on behalf of TUI protects information in all its forms so that we avoid harm; meet our customer, colleague and shareholder expectations and comply with national and international legislation. At TUI, information security is part of everyone’s job.

TUI Group is the world’s number one integrated tourism business. The Group umbrella consists of strong tour operators, 1,800 travel agencies and leading online portals, six airlines with more than 130 aircraft, over 300 hotels with 210,000 beds, twelve cruise liners and countless incoming agencies in all major holiday destinations around the globe. All this enables us to provide our 30 million customers with an unmatched holiday experience in 180 regions.


As a Security Operations Analyst you will promote a security first culture at TUI.

You will work with resolver teams to ensure that information security events and incidents are automatically generated, appropriately investigated to resolution in the Group IT service management system. To ensure reporting on key performance indicators and service levels.

Our information security team works in collaboration with business and IT teams across our many domains. You adopt a pragmatic and ‘can-do’ attitude in everything you do, partnering with your colleagues across the TUI businesses and IT functions worldwide. You build strong working relationships and influence others to do the right thing to Protect our Smile.

Main Responsibilities

  • Monitor for alerts from security tools, including, but not limited to, security analytics platforms, automation tools, ticket management systems, user-reported alerts, and others.
  • Triage security alerts, including initial analysis to determine the validity of alerts and gather additional context.
  • Use network and host security tooling to perform additional investigation.
  • Work the full incident lifecycle from detection, investigation, response, to remediation for security alerts.
  • Contribute to the further development, maintenance, and standardization of SOC (Security Operations Centre) processes, policies, and procedures.
  • Work with other IT and security teams to identify areas for improvement around detection, investigation, and response.
  • Research Advanced Persistent Threat Groups’ adversary tactics, techniques, and procedures (TTPs) in preparation for future attacks.
  • Provide feedback on detection rules to help tune security tools and minimize false positives.
  • Participate in SOC working groups and sub-teams to help generate and execute on innovative ideas for content, technology advancements, and proactive defence improvement projects.

Success Metrics

  • Mean-time-to-acknowledge.
  • Mean-time-to-respond (MTTR) by alert severity.
  • Process adherence.
  • Recurring incident ratio.


  • Demonstrable deep experience of design and build of systems integration, ideally in a security operations environment. Strong technical and IT operations background, with at least 5 years of experience.
  • Experience of working with Splunk or similar SIEM (Security Information and Event Management) platforms, Service Desk systems and security monitoring tools desirable with experience in designing and developing these platforms.
  • Familiarity and experience with Windows, macOS, Linux, and Unix operating systems.
  • Computer networking and cloud technology fundamentals.
  • Understanding of Active Directory, Lightweight Directory Access Protocol (LDAP), identity-as-a-service, Azure Active Directory (AAD).
  • Security knowledge and awareness of firewalls, proxies, next-gen antivirus, and intrusion protection and intrusion detection concepts.
  • Experience scripting in Python and PowerShell.
  • Experience using M365 including security tools.
  • Excellent English written and verbal communication skills.
  • Good interpersonal skills so that you can work well with and influence your information security, and IT operations colleagues from around the world.
  • Empathy to respond with understanding and care in the event of a security incident.
  • A process-oriented mindset, with the ability to follow standard operating procedures and alter such plans as the occasion arises.
  • The creativity to think freely and develop innovative solutions to complex problems, especially in the event of new, unexpected security incidents.
  • Communication skills to clearly relay technical information to individuals with distinct levels of technical competence.
  • Adaptability and flexibility to react quickly and respond completely to security incidents.
  • Attention to detail to ensure complete response and remediation in the event of an incident.


  • Being a valuable team member of TUI, the No.1 global and socially aware travel company.
  • Competitive salary and benefits.
  • Smart working (Flexible hours) and possibility of working remotely up to 100% or Hybrid from one of our offices.
  • Develop yourself as part of a friendly, richly, diverse virtual international team.

If you want to know more about why TUI Group is the world’s leading tourism group, and our continuing work in the diversity & inclusion space, simply visit careers.tuigroup.com


Company benefits

Travel credit – All benefits vary by location and job role, we'd be happy to chat to you about this in more detail
Work from anywhere scheme – TUI WORKWIDE means colleagues can work from abroad for up to 30 working days a year
Employee discounts
Flexible working week
Bank holiday swaps
Time off in-lieu
Religious celebration leave
Buy or sell annual leave
Health insurance
Gym membership
Open to part time work for some roles
Mental health platform access
Enhanced maternity leave
Shared parental leave
Pregnancy loss leave
Enhanced paternity leave
Compassionate leave
Cinema discounts
Season ticket loan
Travel insurance
Cycle to work scheme
In office catering
Commuter loan
Annual pay rises
Annual bonus
Life assurance
Salary sacrifice
Matched pension contribution
In office workout classes
Teambuilding days
Employee assistance programme
Charity donation scheme
Enhanced sick pay
Share options
Faith rooms
Volunteer days
Lunch and learns
L&D budget
Personal development days
Mental health days
Employees are very happy with their working location freedom
Employees are largely happy with the flexibility in the hours they work
Employees are largely happy with the benefits their company offers
Work-life balance
Employees feel that they can switch off quite easily from work
Role modelling
Employees feel that most people work flexibly
Employees feel they have complete autonomy over getting their work done

Additional employee ratings
(these do not contribute to the FlexScore®)

Employees feel that the diversity is good and there are continued efforts to improve it
Employees feel that the culture supports equity and inclusivity well
Employees enjoy the working environment
Employees feel quite excited about the company mission
Employees feel that their salary is fair and in line with the market average

Working at TUI Group

Company employees

60,000 globally

Gender diversity (male:female)


Office locations

Austria, Belgium, Brazil, Canada, China, Denmark, Finland, France, Germany, India, Ireland, Mexico, The Netherlands, Norway, Poland, Portugal, Spain, Sweden, Switzerland, United Kingdom, USA

Hiring Countries

Dominican Republic
United Kingdom

Awards & Achievements

Most flexible companies

Most flexible companies

Flexa100 2024

Other jobs you might like